
MODULE - 3

International Standards

• International standards, guidelines, and best practices ensure the security of information, systems, and processes
• These standards are developed and accepted globally
– to provide a common reference for organizations
• These standards cover various domains, including
– information security management, privacy, data protection, and compliance
• The purpose is to help organizations implement effective security policies

• ISO/IEC 27001
– International Organization for Standardization / International Electrotechnical Commission 27001
• NIST SP 800-53
– National Institute of Standards and Technology Special Publication 800-53
• PCI DSS
– Payment Card Industry Data Security Standard
• GDPR
– General Data Protection Regulation
• HIPAA
– Health Insurance Portability and Accountability Act
• COBIT
– Control Objectives for Information and Related Technologies

1. ISO/IEC 27001
– International standard for information security management systems (ISMS)
– Establishes, implements, maintains, and improves information security policies
– Provides requirements and controls to manage security risks effectively
2. NIST SP 800-53
– Catalog of security and privacy controls for federal information systems
– Offers a comprehensive set of controls for tailored security requirements
– Widely adopted in the U.S. government and globally

3. PCI DSS
– Standard for organizations handling credit card information
– Specifies security management, policies, procedures, and network architecture
– Ensures secure handling of cardholder data
4. GDPR
– EU regulation for protecting personal data and privacy
– Sets requirements for data protection policies, consent, breach notification, and data subjects' rights
– Applies to organizations handling personal data in the EU

5. HIPAA
– U.S. law for safeguarding protected health information (PHI)
– Defines security policies, risk assessments, access controls, and encryption
– Applies to healthcare organizations
6. COBIT
– Framework for governance and management of enterprise IT
– Provides guidelines for security policies, risk management, and compliance
– Developed by ISACA
